SybilGuard: defending against sybil attacks via social networks
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Filtering spam with behavioral blacklisting
Proceedings of the 14th ACM conference on Computer and communications security
Spamscatter: characterizing internet scam hosting infrastructure
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
Uncovering social spammers: social honeypots + machine learning
Proceedings of the 33rd international ACM SIGIR conference on Research and development in information retrieval
Spamcraft: an inside look at spam campaign orchestration
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Detecting and characterizing social spam campaigns
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Design and Evaluation of a Real-Time URL Spam Filtering Service
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Dirty jobs: the role of freelance labor in web service abuse
SEC'11 Proceedings of the 20th USENIX conference on Security
Spam filtering in twitter using sender-receiver relationship
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Understanding and combating link farming in the twitter social network
Proceedings of the 21st international conference on World Wide Web
Serf and turf: crowdturfing for fun and profit
Proceedings of the 21st international conference on World Wide Web
Aiding the detection of fake accounts in large scale social online services
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Adapting social spam infrastructure for political censorship
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Efficient and scalable socware detection in online social networks
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Manufacturing compromise: the emergence of exploit-as-a-service
Proceedings of the 2012 ACM conference on Computer and communications security
Twitter games: how successful spammers pick targets
Proceedings of the 28th Annual Computer Security Applications Conference
Detecting malicious tweets in trending topics using a statistical analysis of language
Expert Systems with Applications: An International Journal
Searching for spam: detecting fraudulent accounts via web search
PAM'13 Proceedings of the 14th international conference on Passive and Active Measurement
An analysis of socware cascades in online social networks
Proceedings of the 22nd international conference on World Wide Web
Tweeting under pressure: analyzing trending topics and evolving word choice on sina weibo
Proceedings of the first ACM conference on Online social networks
Understanding latent interactions in online social networks
ACM Transactions on the Web (TWEB)
Proceedings of the 17th ACM conference on Computer supported cooperative work & social computing
SEC'13 Proceedings of the 22nd USENIX conference on Security
Trafficking fraudulent accounts: the role of the underground market in Twitter spam and abuse
SEC'13 Proceedings of the 22nd USENIX conference on Security
You are how you click: clickstream analysis for Sybil detection
SEC'13 Proceedings of the 22nd USENIX conference on Security
Social spammer detection in microblogging
IJCAI'13 Proceedings of the Twenty-Third international joint conference on Artificial Intelligence
Uncovering social network Sybils in the wild
ACM Transactions on Knowledge Discovery from Data (TKDD) - Casin special issue
Web 2.0, social networks and E-commerce as marketing tools
Journal of Theoretical and Applied Electronic Commerce Research
Hi-index | 0.00 |
In this study, we examine the abuse of online social networks at the hands of spammers through the lens of the tools, techniques, and support infrastructure they rely upon. To perform our analysis, we identify over 1.1 million accounts suspended by Twitter for disruptive activities over the course of seven months. In the process, we collect a dataset of 1.8 billion tweets, 80 million of which belong to spam accounts. We use our dataset to characterize the behavior and lifetime of spam accounts, the campaigns they execute, and the wide-spread abuse of legitimate web services such as URL shorteners and free web hosting. We also identify an emerging marketplace of illegitimate programs operated by spammers that include Twitter account sellers, ad-based URL shorteners, and spam affiliate programs that help enable underground market diversification. Our results show that 77% of spam accounts identified by Twitter are suspended within on day of their first tweet. Because of these pressures, less than 9% of accounts form social relationships with regular Twitter users. Instead, 17% of accounts rely on hijacking trends, while 52% of accounts use unsolicited mentions to reach an audience. In spite of daily account attrition, we show how five spam campaigns controlling 145 thousand accounts combined are able to persist for months at a time, with each campaign enacting a unique spamming strategy. Surprisingly, three of these campaigns send spam directing visitors to reputable store fronts, blurring the line regarding what constitutes spam on social networks.